summaryrefslogtreecommitdiffstats
path: root/system/libraries/Session.php
diff options
context:
space:
mode:
authorAndrey Andreev <narf@bofh.bg>2012-03-19 11:09:38 +0100
committerAndrey Andreev <narf@bofh.bg>2012-03-19 11:09:38 +0100
commitcf10de5aa03bd7c0036a8347f22ace3089779092 (patch)
tree63c403df162d5d94ec11eb8f86949d4016fe4e4e /system/libraries/Session.php
parent25357cd7886b95d1e77b6a539a4588a265688874 (diff)
parent4ad0fd86e8dc6dba74305dbb0c88c593b46a19a2 (diff)
Merge pull request #1182 from freewil/cookies-httponly
Cookies httponly
Diffstat (limited to 'system/libraries/Session.php')
-rw-r--r--system/libraries/Session.php18
1 files changed, 10 insertions, 8 deletions
diff --git a/system/libraries/Session.php b/system/libraries/Session.php
index 0b9d45b2a..0c8d46591 100644
--- a/system/libraries/Session.php
+++ b/system/libraries/Session.php
@@ -48,6 +48,7 @@ class CI_Session {
public $cookie_path = '';
public $cookie_domain = '';
public $cookie_secure = FALSE;
+ public $cookie_httponly = FALSE;
public $sess_time_to_update = 300;
public $encryption_key = '';
public $flashdata_key = 'flash';
@@ -72,7 +73,7 @@ class CI_Session {
// Set all the session preferences, which can either be set
// manually via the $params array above or via the config file
- foreach (array('sess_encrypt_cookie', 'sess_use_database', 'sess_table_name', 'sess_expiration', 'sess_expire_on_close', 'sess_match_ip', 'sess_match_useragent', 'sess_cookie_name', 'cookie_path', 'cookie_domain', 'cookie_secure', 'sess_time_to_update', 'time_reference', 'cookie_prefix', 'encryption_key') as $key)
+ foreach (array('sess_encrypt_cookie', 'sess_use_database', 'sess_table_name', 'sess_expiration', 'sess_expire_on_close', 'sess_match_ip', 'sess_match_useragent', 'sess_cookie_name', 'cookie_path', 'cookie_domain', 'cookie_secure', 'cookie_httponly', 'sess_time_to_update', 'time_reference', 'cookie_prefix', 'encryption_key') as $key)
{
$this->$key = (isset($params[$key])) ? $params[$key] : $this->CI->config->item($key);
}
@@ -666,13 +667,14 @@ class CI_Session {
// Set the cookie
setcookie(
- $this->sess_cookie_name,
- $cookie_data,
- $expire,
- $this->cookie_path,
- $this->cookie_domain,
- $this->cookie_secure
- );
+ $this->sess_cookie_name,
+ $cookie_data,
+ $expire,
+ $this->cookie_path,
+ $this->cookie_domain,
+ $this->cookie_secure,
+ $this->cookie_httponly
+ );
}
// --------------------------------------------------------------------